Internet Storm Center
Handler on Duty: Didier Stevens
Threat Level: green
| Date | Author | Title |
|---|---|---|
| 2023-02-24 | Brad Duncan | URL files and WebDAV used for IcedID (Bokbot) infection |
| 2023-01-21 | Guy Bruneau | DShield Sensor JSON Log to Elasticsearch |
| 2023-01-04 | Rob VandenBrink | Update to RTRBK - Diff and File Dates in PowerShell |
| 2022-12-20 | Xavier Mertens | Linux File System Monitoring & Actions |
| 2022-07-25 | Xavier Mertens | PowerShell Script with Fileless Capability |
| 2022-07-17 | Didier Stevens | Python: Files In Use By Another Process |
| 2022-06-25 | Xavier Mertens | Malicious Code Passed to PowerShell via the Clipboard |
| 2022-06-04 | Guy Bruneau | Spam Email Contains a Very Large ISO file |
| 2022-06-03 | Xavier Mertens | Sandbox Evasion... With Just a Filename! |
| 2022-05-29 | Didier Stevens | Extracting The Overlay Of A PE File |
| 2022-05-28 | Didier Stevens | Huge Signed PE File: Keeping The Signature |
| 2022-05-26 | Didier Stevens | Huge Signed PE File |
| 2022-05-23 | Johannes Ullrich | Attacker Scanning for jQuery-File-Upload |
| 2022-05-20 | Xavier Mertens | A 'Zip Bomb' to Bypass Security Controls & Sandboxes |
| 2022-03-24 | Xavier Mertens | Malware Delivered Through Free Sharing Tool |
| 2021-09-11 | Guy Bruneau | Shipping to Elasticsearch Microsoft DNS Logs |
| 2021-05-02 | Didier Stevens | PuTTY And FileZilla Use The Same Fingerprint Registry Keys |
| 2021-04-10 | Guy Bruneau | Building an IDS Sensor with Suricata & Zeek with Logs to ELK |
| 2021-03-12 | Guy Bruneau | Microsoft DHCP Logs Shipped to ELK |
| 2021-02-12 | Xavier Mertens | AgentTesla Dropped Through Automatic Click in Microsoft Help File |
| 2020-06-12 | Xavier Mertens | Malicious Excel Delivering Fileless Payload |
| 2020-05-22 | Didier Stevens | Some Strings to Remember |
| 2020-05-04 | Didier Stevens | Sysmon and File Deletion |
| 2020-03-21 | Guy Bruneau | Honeypot - Scanning and Targeting Devices & Services |
| 2019-10-03 | Xavier Mertens | "Lost_Files" Ransomware |
| 2019-08-04 | Didier Stevens | Detecting ZLIB Compression |
| 2019-02-19 | Didier Stevens | Identifying Files: Failure Happens |
| 2018-11-05 | Johannes Ullrich | Struts 2.3 Vulnerable to Two Year old File Upload Flaw |
| 2017-11-29 | Xavier Mertens | Fileless Malicious PowerShell Sample |
| 2017-10-30 | Didier Stevens | PE files and debug info |
| 2017-10-24 | Xavier Mertens | Stop relying on file extensions |
| 2017-07-19 | Xavier Mertens | Bots Searching for Keys & Config Files |
| 2017-07-02 | Didier Stevens | PE Section Name Descriptions |
| 2017-05-26 | Lorna Hutcheson | File2pcap - A new tool for your toolkit! |
| 2016-08-24 | Xavier Mertens | Example of Targeted Attack Through a Proxy PAC File |
| 2016-05-21 | Didier Stevens | Python Malware - Part 2 |
| 2016-03-30 | Xavier Mertens | What to watch with your FIM? |
| 2016-01-20 | Xavier Mertens | /tmp, %TEMP%, ~/Desktop, T:\, ... A goldmine for pentesters! |
| 2015-07-12 | Didier Stevens | Jump List Files Are OLE Files |
| 2014-03-17 | Johannes Ullrich | Scans for FCKEditor File Manager |
| 2014-02-28 | Daniel Wesemann | Oversharing |
| 2014-01-11 | Guy Bruneau | tcpflow 1.4.4 and some of its most Interesting Features |
| 2013-08-26 | Alex Stanford | Stop, Drop and File Carve |
| 2013-08-21 | Alex Stanford | Psst. Your Browser Knows All Your Secrets. |
| 2011-11-28 | Tom Liston | A Puzzlement... |
| 2011-08-15 | Mark Hofman | How to find unwanted files on workstations |
| 2009-12-28 | Johannes Ullrich | 8 Basic Rules to Implement Secure File Uploads http://jbu.me/48 (inspired by IIS ; bug) |
| 2009-08-13 | Jim Clausing | Tools for extracting files from pcaps |
| 2009-06-27 | Tony Carothers | New NIAP Strategy on the Horizon |
| 2009-05-27 | donald smith | Host file black lists |
| 2009-05-25 | Jim Clausing | More tools for (US) Memorial Day |
| 2008-03-13 | Jason Lam | Remote File Include spoof!? |